Splunk Threat Hunting Ep.6 Credential Access

Threat Hunting is the act of proactively searching for undetected threats within a system or network. The aim of this lab is to help understand how threat intelligence can drive hypothesis creation.

In this lab, the adversary gathers various forms of credentials from the victim.

Using Splunk to answer Question 3

Question 3 and correct answer

Searching for Question 4

Question 4

Searching for question 5

Question 5